Why is determining liability for security breaches so difficult?

On Behalf of | Sep 14, 2020 | Negligent Security Defense |

Technology is becoming the foundation of every business. Everything is online or stored digitally, so all businesses require security systems and risk mitigation to prevent cyberattacks.

According to Forbes, there were almost 1500 data breaches in 2019. Cyberattacks on your business can be expensive and leave you open to lawsuits. While dealing with the fallout from a cyberattack, you may be able to hold the software company that provided your security accountable.

Why assigning liability poses difficulty

After a security breach, you may feel as though the vendor that supplied your security software or hardware acted negligently. Perhaps the company cared only about sales and not about security. The problem with assigning liability is that no one can expect hardware to be one hundred percent impenetrable. In a test of security applications, about 83 percent had at least one security flaw.

How to determine liability in security breaches

The industry requires standards. There should be an environment in which developers can identify and address vulnerabilities. Standards already exist, and developers should live up to them. How to hold a company responsible does become murky, however.

Say that two companies suffered the same security breach. In this example, the two companies have different security systems to mitigate cyber risks. Determining liability in a security breach encourages companies to create more secure options. If a company does not meet the security standards of the industry, then it may be liable. Security breaches have high costs, so proving liability is crucial.

Lawyers of Distinction: top 10% in the USA